In the early days of web-based applications, there were many scenarios in which a user was asked to provide his or her most secret credentials, such as a user name and password, to gain access to a web page or web site. The web site could then browse through the user's mailboxes and, on the user's behalf, access the user's protected resources, such as an email box. This was recognized as unacceptable from a security standpoint, because the user was handing over his or her most secret credentials to an application that might not be fully trustworthy. An application of questionable trustworthiness would then be allowed to act on the user's behalf under the full scope of the user's credentials. In such a scenario, the web site would even be able to send an email on the user's behalf without the user's knowledge.